[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
CPSR Workplace Privacy Test
- To: CYPHERPUNKS <[email protected]>
- Subject: CPSR Workplace Privacy Test
- From: Dave Banisar <[email protected]>
- Date: Fri, 2 Jul 1993 16:00:05 EST
- Organization: CPSR Civil Liberties and Computing Project
CPSR Workplace Privacy Testimony
=====================================================
Prepared Testimony
and
Statement for the Record
of
Marc Rotenberg,
Director, CPSR Washington office,
Adjunct Professor, Georgetown University Law Center
on
H.R. 1900,
The Privacy for Consumers and Workers Act
Before
The Subcommittee on Labor-Management Relations,
Committee on Education and Labor,
U.S. House of Representatives
June 30, 1993
Mr. Chairman, members of the Subcommittee, thank
for the opportunity to testify today on H.R. 1900, the
Privacy for Consumers and Workers Act. My name is Marc
Rotenberg and I am the director of the CPSR Washington
office and an adjunct professor at Georgetown University
Law Center where I teach a course on information privacy
law.
Speaking on behalf of CPSR, we strongly endorse the
Privacy for Consumers and Workers Act. The measure will
establish important safeguards for workers and consumers
in the United States. We believe that H.R. 1900 is
particularly important as our country becomes more
dependent on computerized information systems and the
risk of privacy abuse increases.
CPSR has a special interest in workplace privacy.
For almost a decade we have advocated for the design of
computer systems that better serve the needs of
employees in the workplace. We do not view this
particular goal as a trade-off between labor and
management. It is our belief that computer systems and
information policies that are designed so as to value
employees will lead to a more productive work
environment and ultimately more successful companies and
organizations. As Charles Hecksher of the Harvard
Business School has said good managers have no use for
secret monitoring.
Equally important is the need to ensure that
certain fundamental rights of employees are safeguarded.
The protection of personal privacy in the information
age may be as crucial for American workers as the
protection of safety was in the age of machines.
Organizations that fail to develop appropriate workplace
privacy policies leave employees at risk of abuse,
embarrassment, and harassment.
The concern about workplace privacy is widely felt
in the computer profession. This month MacWorld
magazine, a leading publication in the computer
industry, released a special report on workplace
privacy. The report, based on a survey of 301 companies
in the United States and authored by noted science
writer Charles Piller, made clear the need for a strong
federal policy.
Among the key findings of the MacWorld survey:
> More than 21 percent of those polled said that
they had "engaged in searches of employee
computer files, voice mail, electronic mail, or
other networking communications."
> "Monitoring work flow" is the most frequently
cited reason for electronic searches.
> In two out of three cases, employees are not
warned about electronic searches.
> Only one third of the companies surveyed have a
written policy on privacy
What is also interesting about the MacWorld survey
is the high level of concern expressed by top corporate
managers about electronic monitoring. More than a half
of those polled said that electronic monitoring was
either "never acceptable" or "usually or always
counterproductive." Less than five percent believed
that electronic monitoring was a good tool to routinely
verify honesty.
These numbers suggest that managers would support a
sensible privacy law. Indeed, they are consistent with
other privacy polls conducted by Professor Alan Westin
for the Lou Harris organization which show that managers
are well aware of privacy concerns and may, with a
little prodding, agree to sensible policies.
What would such a policy look like? The MacWorld
report also includes a model privacy policy that is
based on several U.S. and international privacy codes.
Here are the key elements:
> Employees should know what electronic
surveillance tools are used, and how management
will use the data gathered.
> Management should minimize electronic monitoring
as much as possible. Continuous monitoring
should not be permitted.
> Data should only be used for clearly defined,
work-related purposes.
> Management should not engage in secret
monitoring unless there is credible evidence of
criminal activity or serious wrongdoing.
> Data gathered through monitoring should not be
the sole factor in employee evaluations.
> Personal information gathered by employers
should not be disclosed to any third parties,
except to comply with legal requirements.
> Employees or prospective employees should not be
asked to waive privacy rights.
> Managers who violate these privacy principles
should be subject to discipline or termination.
Many of these provisions are contained in H.R.
1900, the Privacy for Consumers and Workers Act.
Clearly, the policies and the bill itself are not
intended to prohibit monitoring, nor to prevent
employers from protecting their business interests.
What the bill will do is help establish a clear
framework that ensures employees are properly notified
of monitoring practices, that personal information is
not misused, and that monitoring capability is not
abused. It is a straightforward, sensible approach that
does not so much balance rights as it clarifies
interests and ensures that both employers and employees
will respect appropriate limitations on monitoring
capability.
The need to move quickly to establish a framework
for workplace privacy protection is clear. Privacy
problems will become more acute in the years ahead as
new monitoring schemes are developed and new forms of
personal data are collected. As Professor Gary Marx has
made clear, there is little that can be imagined in the
monitoring realm that can not be achieved. Already,
some members of the computer profession are wearing
"active badges" that provide full-time geographical
monitoring. Properly used, these devices help employees
use new tools in the hi-tech workplace. Improperly
used, such devices could track the physical movements of
an employee throughout the day, almost like a blip on a
radar screen.
Computers are certainly powerful tools. We believe
that they can be used to improve productivity and
increase job satisfaction. But this requires that
appropriate policies be developed to address employee
concerns and that laws be passed, when necessary, to
ensure that computer abuse does not occur.
This concludes my testimony. I would be pleased to
answer your questions.
=====================================================